Follow Us On Social Media

An extremely critical vulnerability has recently been discovered in WebRTC (Web Real-Time Communication), an open-source standard that enables the browsers to make voice or video calls without needing any plug-ins.

AFFECTED PRODUCTS

Late last month, security researchers revealed a massive security flaw that enables website owner to easily see the real IP addresses of users through WebRTC, even if they are using a VPN or even PureVPN to mask their real IP addresses.

The security glitch affects WebRTC-supporting browsers such as Google Chrome and Mozilla Firefox, and appears to be limited to Windows operating system only, although users of Linux and Mac OS X are not affected by this vulnerability.

HOW DOES THE WebRTC FLAW WORKS

WebRTC allows requests to be made to STUN (Session Traversal Utilities for NAT) servers which return the "hidden" home IP-address as well as local network addresses for the system that is being used by the user.

The results of the requests can be accessed using JavaScript, but because they are made outside the normal XML/HTTP request procedure, they are not visible in the developer console. This means that the only requirement for this to work is WebRTC support in the browser and JavaScript.

CHECK YOURSELF NOW

A demonstration published by developer Daniel Roesler on GitHub allows people to check if they are affected by the security glitch.

Also, you can go through the following steps in order to check if you're affected: